Login
Country / Region
02-QoS commands
Chapters Download (140.11 KB)
Use display traffic classifier to display traffic classes.
Syntax
display traffic classifier user-defined [ classifier-name ] [ chassis chassis-number slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
context-admin
context-operator
Parameters
user-defined: Specifies user-defined traffic classes.
classifier-name: Specifies a traffic class by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a traffic class, this command displays all traffic classes.
chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the card. If you do not specify this option, the command displays the traffic classes for the global active MPU.
Examples
# Display all user-defined traffic classes.
<Sysname> display traffic classifier user-defined
User-defined classifier information:
Classifier: 1 (ID 100)
Operator: AND
Rule(s) :
If-match acl 2000
Classifier: 2 (ID 101)
Operator: AND
Rule(s) :
If-match protocol ipv6
Classifier: 3 (ID 102)
Operator: AND
Rule(s) :
-none-
|
Field |
Description |
|
Classifier |
Traffic class name and its match criteria. |
|
Operator |
Match operator you set for the traffic class. If the operator is AND, the traffic class matches the packets that match all its match criteria. If the operator is OR, the traffic class matches the packets that match any of its match criteria. |
|
Rule(s) |
Match criteria. |
Use if-match to define a match criterion.
Use undo if-match to delete a match criterion.
Syntax
if-match [ not ] match-criteria
undo if-match [ not ] match-criteria
Default
No match criterion is configured.
Views
Traffic class view
Predefined user roles
network-admin
context-admin
Parameters
not: Matches packets that do not conform to the specified criterion.
match-criteria: Specifies a match criterion. Table 2 shows the available match criteria.
Table 2 Available match criteria
|
Option |
Description |
|
acl [ ipv6 ] { acl-number | name acl-name } |
Matches an ACL. The value range for the acl-number argument is as follows: · 2000 to 3999 for IPv4 ACLs. · 2000 to 3999 for IPv6 ACLs. The acl-name argument is a case-insensitive string of 1 to 63 characters, which must start with an English letter. To avoid confusion, make sure the argument is not all. |
|
app-group group-name |
Matches an application group. The group-name argument specifies an application group by its name. The application group must have been created. A nonexistent application group cannot match packets. For more information about creating application groups, see APR in Security Configuration Guide. |
|
application app-name |
Matches an application. The app-name argument specifies a user-created application by its name. |
|
any |
Matches all packets. |
|
classifier classifier-name |
Matches a class. The classifier-name argument specifies a class by its name. |
|
customer-dot1p dot1p-value&<1-8> |
Matches 802.1p priority values in inner VLAN tags of double-tagged packets. The dot1p-value&<1-8> argument specifies a space-separated list of up to eight 802.1p priority values. The value range for the dot1p-value argument is 0 to 7. |
|
destination-mac mac-address |
Matches a destination MAC address. This option takes effect only on Ethernet interfaces. |
|
dscp dscp-value&<1-8> |
Matches DSCP values. The dscp-value&<1-8> argument specifies a space-separated list of up to eight DSCP values. The value range for the dscp-value argument is 0 to 63 or keywords shown in Table 4. |
|
inbound-interface interface-type interface-number |
Matches an input interface specified by its type and number. |
|
ip-precedence ip-precedence-value&<1-8> |
Matches IP precedence values. The ip-precedence-value&<1-8> argument specifies a space-separated list of up to eight IP precedence values. The value range for the ip-precedence-value argument is 0 to 7. |
|
mpls-exp exp-value&<1-8> |
Matches MPLS EXP values. The exp-value&<1-8> argument specifies a space-separated list of up to eight EXP values. The value range for the exp-value argument is 0 to 7. For devices that forward packets in software, MPLS packets do not support IP-related match criteria. |
|
packet-length { min min-value | max max-value } * |
Matches the packet length. The min-value argument specifies the minimum packet length in bytes. The max-value argument specifies the maximum packet length in bytes. The maximum packet length must be greater than or equal to the minimum packet length. |
|
protocol protocol-name |
Matches a protocol. The protocol-name argument can be arp, ip, or ipv6. |
|
qos-local-id local-id-value |
Matches a local QoS ID in the range of 1 to 4095. |
|
rtp start-port start-port-number end-port end-port-number |
Matches RTP protocol ports. The value ranges for the start-port-number and end-port-number arguments are both 2000 to 65535. This criterion matches RTP packets with an even UDP destination port number in the specified RTP port number range. |
|
source-mac mac-address |
Matches a source MAC address. This option takes effect only on Ethernet interfaces. |
Usage guidelines
In a traffic class with the logical OR operator, you can configure multiple if match commands for any of the available match criteria.
When you configure a match criterion that can have multiple values in one if-match command, follow these restrictions and guidelines:
· You can specify up to eight values for any of the following match criteria in one if-match command:
· If a packet matches one of the specified values, it matches the if-match command.
· To delete a criterion that has multiple values, the specified values in the undo if-match command must be the same as those specified in the if-match command. The order of the values can be different.
When you configure ACL-based match criteria, follow these restrictions and guidelines:
· The ACL must already exist.
· If the ACL contains deny rules, the if-match command is ignored and the matching process continues.
You can use both AND and OR operators to define the match relationships between the criteria for a class. For example, you can define relationships among three match criteria in traffic class classA as follows:
traffic classifier classB operator and
if-match criterion 1
if-match criterion 2
traffic classifier classA operator or
if-match criterion 3
if-match classifier classB
Examples
# Define a match criterion for traffic class class1 to match the packets with a destination MAC address of 0050-ba27-bed3.
<Sysname> system-view
[Sysname] traffic classifier class1
[Sysname-classifier-class1] if-match destination-mac 0050-ba27-bed3
# Define a match criterion for traffic class class2 to match the packets with a source MAC address of 0050-ba27-bed2.
<Sysname> system-view
[Sysname] traffic classifier class2
[Sysname-classifier-class2] if-match source-mac 0050-ba27-bed2
# Define a match criterion for traffic class class1 to match the double-tagged packets with 802.1p priority 3 in the inner VLAN tag.
<Sysname> system-view
[Sysname] traffic classifier class1
[Sysname-classifier-class1] if-match customer-dot1p 3
# Define a match criterion for traffic class class1 to match advanced ACL 3101.
<Sysname> system-view
[Sysname] traffic classifier class1
[Sysname-classifier-class1] if-match acl 3101
# Define a match criterion for traffic class class1 to match the ACL named flow.
<Sysname> system-view
[Sysname] traffic classifier class1
[Sysname-classifier-class1] if-match acl name flow
# Define a match criterion for traffic class class1 to match advanced IPv6 ACL 3101.
<Sysname> system-view
[Sysname] traffic classifier class1
[Sysname-classifier-class1] if-match acl ipv6 3101
# Define a match criterion for traffic class class1 to match the IPv6 ACL named flow.
<Sysname> system-view
[Sysname] traffic classifier class1
[Sysname-classifier-class1] if-match acl ipv6 name flow
# Define a match criterion for traffic class class1 to match all packets.
<Sysname> system-view
[Sysname] traffic classifier class1
[Sysname-classifier-class1] if-match any
# Define a match criterion for traffic class class1 to match the packets with a DSCP value of 1, 6, or 9.
<Sysname> system-view
[Sysname] traffic classifier class1 operator or
[Sysname-classifier-class1] if-match dscp 1 6 9
# Define a match criterion for traffic class class1 to match the packets with an IP precedence value of 1 or 6.
<Sysname> system-view
[Sysname] traffic classifier class1 operator or
[Sysname-classifier-class1] if-match ip-precedence 1 6
# Define a match criterion for traffic class class1 to match the packets with a local precedence value of 1 or 6.
<Sysname> system-view
[Sysname] traffic classifier class1 operator or
[Sysname-classifier-class1] if-match local-precedence 1 6
# Define a match criterion for traffic class class1 to match IP packets.
<Sysname> system-view
[Sysname] traffic classifier class1
[Sysname-classifier-class1] if-match protocol ip
# Define a match criterion for traffic class class1 to match the RTP packets with even UDP destination port numbers in the range of 16384 to 32767.
<Sysname> system-view
[Sysname] traffic classifier class1 operator or
[Sysname-classifier-class1] if-match rtp start-port 16384 end-port 32767
# Define a match criterion for traffic class class1 to match the packets with a local QoS ID of 3.
<Sysname> system-view
[Sysname] traffic classifier class1
[Sysname-classifier-class1] if-match qos-local-id 3
# Define a match criterion for traffic class class1 to match the packets of the application group multimedia.
<Sysname> system-view
[Sysname] traffic classifier class1
[Sysname-classifier-class1] if-match app-group multimedia
# Define a match criterion for traffic class class1 to match the packets of the application 3link.
<Sysname> system-view
[Sysname] traffic classifier class1
[Sysname-classifier-class1] if-match application 3link
# Define a match criterion for traffic class class1 to match packets with the length in the range of 100 to 200 bytes.
<Sysname> system-view
[Sysname] traffic classifier class1
[Sysname-classifier-class1] if-match packet-length min 100 max 200
Use traffic classifier to create a traffic class and enter its view, or enter the view of an existing traffic class.
Use undo traffic classifier to delete a traffic class.
Syntax
traffic classifier classifier-name [ operator { and | or } ]
undo traffic classifier classifier-name
Default
No traffic classes exist.
Views
System view
Predefined user roles
network-admin
context-admin
Parameters
classifier-name: Specifies a name for the traffic class, a case-sensitive string of 1 to 31 characters.
operator: Sets the operator to logic AND (the default) or OR for the traffic class.
and: Specifies the logic AND operator. The traffic class matches the packets that match all its criteria.
or: Specifies the logic OR operator. The traffic class matches the packets that match any of its criteria.
Examples
# Create a traffic class named class1.
<Sysname> system-view
[Sysname] traffic classifier class1
[Sysname-classifier-class1]
Related commands
display traffic classifier
Use car to configure a CAR action in absolute value in a traffic behavior.
Use undo car to restore the default.
Syntax
car cir committed-information-rate [ cbs committed-burst-size [ ebs excess-burst-size ] ] [ green action | red action | yellow action ] *
car cir committed-information-rate [ cbs committed-burst-size ] pir peak-information-rate [ ebs excess-burst-size ] [ green action | red action | yellow action ] *
undo car
Default
No CAR action is configured.
Views
Traffic behavior view
Predefined user roles
network-admin
context-admin
Parameters
cir committed-information-rate: Specifies the committed information rate (CIR) in the range of 8 to 10000000 kbps.
cbs committed-burst-size: Specifies the committed burst size (CBS) in the range of 1000 to 1000000000 bytes. The default value for this argument is the product of 62.5 and the CIR.
ebs excess-burst-size: Specifies the excess burst size (EBS) in the range of 0 to 1000000000 bytes. If the PIR is configured, the default EBS is the product of 62.5 and the PIR.
pir peak-information-rate: Specifies the peak information rate (PIR) in the range of 8 to 10000000 kbps. The PIR must be specified in the same unit as the CIR.
green action: Specifies the action to take on packets that conform to the CIR. The default setting is pass.
red action: Specifies the action to take on packets that conform to neither CIR nor PIR. The default setting is discard.
yellow action: Specifies the action to take on packets that conform to the PIR but not to the CIR. The default setting is pass.
action: Sets the action to take on the packet:
· discard: Drops the packet.
· pass: Permits the packet to pass through.
· remark-dot1p-pass new-cos: Sets the 802.1p priority value of the 802.1p packet to new-cos and permits the packet to pass through. The new-cos argument is in the range of 0 to 7.
· remark-dscp-pass new-dscp: Sets the DSCP value of the packet to new-dscp and permits the packet to pass through. The new-dscp argument is in the range of 0 to 63.
· remark-prec-pass new-precedence: Sets the IP precedence of the packet to new-precedence and permits the packet to pass through. The new-precedence argument is in the range of 0 to 7.
Usage guidelines
To use two rates for traffic policing, configure the car command with the pir peak-information-rate option. To use one rate for traffic policing, configure the car command without the pir peak-information-rate option.
If you execute the car command multiple times in the same traffic behavior, the most recent configuration takes effect.
Examples
# Configure a CAR action in traffic behavior database:
· Set the CIR to 200 kbps, CBS to 51200 bytes, and EBS to 0.
· Transmit the conforming packets, and mark the excess packets with DSCP value 0 and transmit them.
<Sysname> system-view
[Sysname] traffic behavior database
[Sysname-behavior-database] car cir 200 cbs 51200 ebs 0 green pass red remark-dscp-pass 0
Use display traffic behavior to display traffic behaviors.
Syntax
display traffic behavior user-defined [ behavior-name ] [ chassis chassis-number slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
context-admin
context-operator
Parameters
user-defined: Specifies user-defined traffic behaviors.
behavior-name: Specifies a behavior by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a traffic behavior, this command displays all traffic behaviors.
chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the card. If you do not specify this option, the command displays the traffic behaviors for the global active MPU.
Examples
# Display all user-defined traffic behaviors.
<Sysname> display traffic behavior user-defined
User-defined behavior information:
Behavior: 1 (ID 100)
Committed Access Rate:
CIR 2222 (kbps), CBS 22222222 (Bytes), EBS 0 (Bytes)
Green action : pass
Yellow action : pass
Red action : discard
|
Field |
Description |
|
Behavior |
Name and contents of a traffic behavior. |
|
Marking |
Information about priority marking. |
|
Remark dscp |
Action of setting the DSCP value for packets. |
|
Committed Access Rate |
Information about the CAR action. |
|
Green action |
Action to take on green packets. |
|
Yellow action |
Action to take on yellow packets. |
|
Red action |
Action to take on red packets. |
|
Filter enable |
Traffic filtering action. |
|
Remark mpls-exp |
Action of setting the MPLS EXP value for packets. |
|
Redirecting |
Information about traffic redirecting. |
|
none |
No other traffic behavior is configured. |
|
Exponential Weight |
Exponent for average queue size calculation |
|
Pre |
IP precedence. |
|
Low |
Lower threshold of the queue. |
|
High |
Upper threshold of the queue. |
|
Dis-prob |
Denominator for drop probability calculation. |
Use filter to configure a traffic filtering action in a traffic behavior.
Use undo filter to restore the default.
Syntax
filter { deny | permit }
undo filter
Default
No traffic filtering action is configured.
Views
Traffic behavior view
Predefined user roles
network-admin
context-admin
Parameters
deny: Drops packets.
permit: Transmits packets.
Examples
# Configure a traffic filtering action as deny in traffic behavior database.
<Sysname> system-view
[Sysname] traffic behavior database
[Sysname-behavior-database] filter deny
Use remark dot1p to configure an 802.1p priority marking action in a traffic behavior.
Use undo remark dot1p to restore the default.
Syntax
remark dot1p dot1p-value
undo remark dot1p
Default
No 802.1p priority markingaction is configured.
Views
Traffic behavior view
Predefined user roles
network-admin
context-admin
Parameters
dot1p-value: Specifies the 802.1p priority to be marked for packets, in the range of 0 to 7.
Examples
# Configure traffic behavior database to mark matching traffic with 802.1p 2.
<Sysname> system-view
[Sysname] traffic behavior database
[Sysname-behavior-database] remark dot1p 2
Use remark dscp to configure a DSCP marking action in a traffic behavior.
Use undo remark dscp to restore the default.
Syntax
remark dscp dscp-value
undo remark dscp
Default
No DSCP marking action is configured.
Views
Traffic behavior view
Predefined user roles
network-admin
context-admin
Parameters
dscp-value: Specifies a DSCP value, which can be a number from 0 to 63 or a keyword in Table 4.
Table 4 DSCP keywords and values
|
Keyword |
DSCP value (binary) |
DSCP value (decimal) |
|
af11 |
001010 |
10 |
|
af12 |
001100 |
12 |
|
af13 |
001110 |
14 |
|
af21 |
010010 |
18 |
|
af22 |
010100 |
20 |
|
af23 |
010110 |
22 |
|
af31 |
011010 |
26 |
|
af32 |
011100 |
28 |
|
af33 |
011110 |
30 |
|
af41 |
100010 |
34 |
|
af42 |
100100 |
36 |
|
af43 |
100110 |
38 |
|
cs1 |
001000 |
8 |
|
cs2 |
010000 |
16 |
|
cs3 |
011000 |
24 |
|
cs4 |
100000 |
32 |
|
cs5 |
101000 |
40 |
|
cs6 |
110000 |
48 |
|
cs7 |
111000 |
56 |
|
default |
000000 |
0 |
|
ef |
101110 |
46 |
Usage guidelines
On devices that forward packets in hardware, the remark dscp and remark tunnel-dscp commands are mutually exclusive with each other in the same traffic behavior.
If you execute the remark dscp command multiple times in the same traffic behavior, the most recent configuration takes effect.
Examples
# Configure traffic behavior database to mark matching traffic with DSCP 6.
<Sysname> system-view
[Sysname] traffic behavior database
[Sysname-behavior-database] remark dscp 6
Use remark ip-precedence to configure an IP precedence marking action in a traffic behavior.
Use undo remark ip-precedence to restore the default.
Syntax
remark ip-precedence ip-precedence-value
undo remark ip-precedence
Default
No IP precedence marking action is configured.
Views
Traffic behavior view
Predefined user roles
network-admin
context-admin
Parameters
ip-precedence-value: Specifies the IP precedence value to be marked for packets, in the range of 0 to 7.
Usage guidelines
If you execute the remark ip-precedence command multiple times in the same traffic behavior, the most recent configuration takes effect.
Examples
# Set the IP precedence to 6 for packets.
<Sysname> system-view
[Sysname] traffic behavior database
[Sysname-behavior-database] remark ip-precedence 6
Use remark qos-local-id to configure a local QoS ID marking action in a traffic behavior.
Use undo remark qos-local-id to restore the default.
Syntax
remark qos-local-id local-id-value
undo remark qos-local-id
Default
No local QoS ID marking action is configured.
Views
Traffic behavior view
Predefined user roles
network-admin
context-admin
Parameters
local-id-value: Specifies the local QoS ID to be marked for packets, in the range of 1 to 4095.
Usage guidelines
You can use one QoS policy to mark the local QoS ID for packets in the inbound direction. Then, you can use another QoS policy to apply other QoS features in the outbound direction based on the marked local QoS ID.
If you execute the remark qos-local-id command multiple times in the same traffic behavior, the most recent configuration takes effect.
Examples
# Configure the action of marking packets with local QoS ID 2.
<Sysname> system-view
[Sysname] traffic behavior database
[Sysname-behavior-database] remark qos-local-id 2
Use traffic behavior to create a traffic behavior and enter its view, or enter the view of an existing traffic behavior.
Use undo traffic behavior to delete a traffic behavior.
Syntax
traffic behavior behavior-name
undo traffic behavior behavior-name
Default
No traffic behaviors exist.
Views
System view
Predefined user roles
network-admin
context-admin
Parameters
behavior-name: Specifies a name for the traffic behavior, a case-sensitive string of 1 to 31 characters.
Examples
# Create a traffic behavior named behavior1.
<Sysname> system-view
[Sysname] traffic behavior behavior1
[Sysname-behavior-behavior1]
Related commands
display traffic behavior
Use traffic-policy to nest a policy in a traffic behavior.
Use undo traffic-policy to remove child policies from a traffic behavior.
Syntax
traffic-policy policy-name
undo traffic-policy
Default
No policy is nested in a traffic behavior.
Views
Traffic behavior view
Predefined user roles
network-admin
context-admin
Parameters
policy-name: Specifies a policy by its name, a string of 1 to 31 characters. If the policy does not exist, it is automatically created.
Usage guidelines
After you nest a child policy in a behavior of a parent policy, the system performs the following operations:
· Performs the associated behavior defined in the parent policy for a class of traffic.
· Uses the child policy to further classify the class of traffic and performs the behaviors defined in the child policy.
· Policy nesting is available for IPv4 and IPv6 packets.
· To delete the child policy after you apply the parent policy to an interface, first remove the child policy from the parent policy.
Examples
# Nest child policy child in traffic behavior database of the parent policy.
<Sysname> system-view
[Sysname] traffic behavior database
[Sysname-behavior-database] traffic-policy child
Related commands
traffic behavior
traffic classifier
Use classifier behavior to associate a traffic behavior with a traffic class in a QoS policy.
Use undo classifier to delete a class-behavior association from a QoS policy.
Syntax
classifier classifier-name behavior behavior-name [ insert-before before-classifier-name ]
undo classifier classifier-name
Default
No traffic behavior is associated with a traffic class.
Views
QoS policy view
Predefined user roles
network-admin
context-admin
Parameters
classifier-name: Specifies a traffic class by its name, a case-sensitive string of 1 to 31 characters.
behavior-name: Specifies a traffic behavior by its name, a case-sensitive string of 1 to 31 characters.
insert-before before-classifier-name: Inserts the new traffic class before an existing traffic class in the QoS policy. The before-classifier-name argument specifies an existing traffic class by its name, a case-sensitive string of 1 to 31 characters. If you do not specify the insert-before before-classifier-name option, the new traffic class is placed at the end of the QoS policy.
Usage guidelines
A traffic class can be associated only with one traffic behavior in a QoS policy.
If the specified traffic class or traffic behavior does not exist, the system defines a null traffic class or traffic behavior.
Examples
# Associate traffic class database with traffic behavior test in QoS policy user1.
<Sysname> system-view
[Sysname] qos policy user1
[Sysname-qospolicy-user1] classifier database behavior test
# Associate traffic class database with traffic behavior test in QoS policy user1, and insert traffic class database before an existing traffic class named class-a.
<Sysname> system-view
[Sysname] qos policy user1
[Sysname-qospolicy-user1] classifier database behavior test insert-before class-a
Related commands
qos policy
Use display qos policy to display QoS policies.
Syntax
display qos policy user-defined [ policy-name [ classifier classifier-name ] ] [ chassis chassis-number slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
context-admin
context-operator
Parameters
user-defined: Specifies user-defined QoS policies.
policy-name: Specifies a QoS policy by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a QoS policy, this command displays all user-defined QoS policies.
classifier classifier-name: Specifies a traffic class by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a traffic class, this command displays all traffic classes.
chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the card. If you do not specify this option, the command displays the QoS policies for the global active MPU.
Examples
# Display all user-defined QoS policies.
<Sysname> display qos policy user-defined
User-defined QoS policy information:
Policy: 1 (ID 100)
Classifier: 1 (ID 100)
Behavior: 1
Marking:
Remark dscp 3
Committed Access Rate:
CIR 112 (kbps), CBS 51200 (Bytes), EBS 512 (Bytes)
Green action : pass
Yellow action : pass
Red action : discard
Classifier: 2 (ID 101)
Behavior: 2
Accounting enable: Packet
Filter enable: Permit
Marking:
Remark dot1p 4
Classifier: 3 (ID 102)
Behavior: 3
-none-
Table 5 Command output
|
Field |
Description |
|
User-defined QoS policy information |
Information about a user-defined QoS policy. |
|
System-defined QoS policy information |
Information about a system-defined QoS policy. |
|
Policy |
User-defined QoS policy name. |
For the description of other fields, see Table 1 and Table 3.
Use display qos policy advpn to display QoS policies applied to hub-spoke tunnels on a tunnel interface.
Syntax
display qos policy advpn tunnel number [ ipv4-address | ipv6-address ] [ outbound ]
Views
Any view
Predefined user roles
network-admin
network-operator
context-admin
context-operator
Parameters
number: Specifies a tunnel interface by its number. The tunnel interface number can be 0 or 1.
ipv4-address: Specifies the spoke's private IPv4 address of a hub-spoke tunnel.
ipv6-address: Specifies the spoke's private IPv6 address of a hub-spoke tunnel.
outbound: Specifies the QoS policies applied to the outbound direction.
Usage guidelines
If you do not specify a spoke's private IP address of a hub-spoke tunnel, this command displays the QoS policy information for all hub-spoke tunnels on a tunnel interface. For information about hub-spoke tunnels, see ADVPN in VPN Configuration Guide.
For configuration commands for tunnel interfaces, see tunnel commands in VPN Command Reference.
Examples
# Display the QoS policy applied to the outgoing traffic of all hub-spoke tunnels on tunnel interface 1.
<Sysname> display qos policy advpn tunnel 1 outbound
Session: Tunnel1 192.168.0.3
Direction: Outbound
Policy: finance
Classifier: default-class
Matched : 0 (Packets) 0 (Bytes)
Operator: AND
Rule(s) :
If-match any
Behavior: be
-none-
Classifier: finance
Matched : 123713988 (Packets) 13608538380 (Bytes)
Operator: AND
Rule(s) :
If-match any
Behavior: finance
Committed Access Rate:
CIR 1500 (kbps), CBS 93750 (Bytes), EBS 0 (Bytes)
Green action : pass
Yellow action : pass
Red action : discard
Green packets : 14980239 (Packets) 1647826290 (Bytes)
Yellow packets: 0 (Packets) 0 (Bytes)
Red packets : 108733781 (Packets) 11960715910 (Bytes)
Session: Tunnel1 192.168.0.4 (inactive)
Direction: Outbound
Policy: business
Table 6 Command output
|
Field |
Description |
|
Session |
Hub-spoke tunnel information. A hub-spoke tunnel is uniquely identified by a tunnel interface and the spoke's private IPv4 or IPv6 address. The word inactive indicates that a QoS policy fails to be applied to the hub-spoke tunnel or the applied QoS policy does not exist. |
|
Direction |
Direction to which a QoS policy is applied on the hub-spoke tunnel. |
For the description of other fields, see Table 1 and Table 3.
Use display qos policy interface to display the QoS policies applied to interfaces.
Syntax
display qos policy interface [ interface-type interface-number ] [ chassis chassis-number slot slot-number ] [ inbound | outbound ]
Views
Any view
Predefined user roles
network-admin
network-operator
context-admin
context-operator
Parameters
interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays QoS policies applied to all interfaces except VA interfaces. For information about VA interfaces, see PPPoE in Layer 2—WAN Access Configuration Guide.
chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the card. If you do not specify a card, this command displays QoS policies on the global active MPU. Only logical interfaces support this option.
inbound: Specifies the QoS policy applied to incoming traffic.
outbound: Specifies the QoS policy applied to outgoing traffic.
Usage guidelines
If you do not specify a direction, this command displays the QoS policy applied to incoming traffic and the QoS policy applied to outgoing traffic.
If you specify a VT interface, this command displays the QoS policies applied to each VA interface of the VT interface. It does not display QoS information about the VT interface.
Examples
# Display the QoS policy applied to the incoming traffic of GigabitEthernet 1/2/5/1.
<Sysname> display qos policy interface gigabitethernet 1/2/5/1 inbound
Interface: GigabitEthernet1/2/5/1
Direction: Inbound
Policy: 1
Classifier: 1
Matched : 0 (Packets) 0 (Bytes)
5-minute statistics:
Forwarded: 0/0 (pps/bps)
Dropped : 0/0 (pps/bps)
Operator: AND
Rule(s) :
If-match acl 2000
Behavior: 1
Marking:
Remark dscp 3
Committed Access Rate:
CIR 112 (kbps), CBS 51200 (Bytes), EBS 512 (Bytes)
Green action : pass
Yellow action : pass
Red action : discard
Green packets : 0 (Packets) 0 (Bytes)
Yellow packets: 0 (Packets) 0 (Bytes)
Red packets : 0 (Packets) 0 (Bytes)
Classifier: 2
Matched : 0 (Packets) 0 (Bytes)
5-minute statistics:
Forwarded: 0/0 (pps/bps)
Dropped : 0/0 (pps/bps)
Operator: AND
Rule(s) :
If-match protocol ipv6
Behavior: 2
Filter enable: Permit
Classifier: 3
Matched : 0 (Packets) 0 (Bytes)
5-minute statistics:
Forwarded: 0/0 (pps/bps)
Dropped : 0/0 (pps/bps)
Operator: AND
Rule(s) :
-none-
Behavior: 3
-none-
# Display the QoS policies applied to all interfaces.
<Sysname> display qos policy interface
Interface: GigabitEthernet1/2/5/1
Direction: Inbound
Policy: a
Classifier: a
Operator: AND
Rule(s) :
If-match any
Behavior: a
Committed Access Rate:
CIR 112 (kbps), CBS 51200 (Bytes), EBS 0 (Bytes)
Green action : pass
Yellow action : pass
Red action : discard
Green packets : 0 (Packets)
Red packets : 0 (Packets)
Interface: GigabitEthernet1/2/5/3
Direction: Inbound
Policy: b
Classifier: b
Operator: AND
Rule(s) :
If-match any
Behavior: b
Committed Access Rate:
CIR 112 (kbps), CBS 51200 (Bytes), EBS 0 (Bytes)
Green action : pass
Yellow action : pass
Red action : discard
Green packets : 0(Packets)
Red packets : 0 (Packets)
Interface: GigabitEthernet1/2/5/3
Direction: Inbound
Policy: a
Classifier: a
Operator: AND
Rule(s) :
If-match any
Behavior: a
Committed Access Rate:
CIR 112 (kbps), CBS 51200 (Bytes), EBS 0 (Bytes)
Green action : pass
Yellow action : pass
Red action : discard
Green packets : 0 (Packets)
Red packets : 0 (Packets)
Table 7 Command output
|
Field |
Description |
|
Direction |
Direction in which the QoS policy is applied. |
|
Matched |
Number of matching packets. |
|
Forwarded |
Average rate of successfully forwarded matching packets in a statistics collection period. |
|
Dropped |
Average rate of dropped matching packets in a statistics collection period. |
|
Green packets |
Traffic statistics for green packets. |
|
Yellow packets |
Traffic statistics for yellow packets. |
|
Red packets |
Traffic statistics for red packets. |
For the description of other fields, see Table 1 and Table 3.
Use qos apply policy to apply a QoS policy to an interface.
Use undo qos apply policy to remove an applied QoS policy.
Syntax
qos apply policy policy-name { inbound | outbound }
undo qos apply policy policy-name { inbound | outbound }
Default
No QoS policy is applied.
Views
Interface view
Predefined user roles
network-admin
context-admin
Parameters
policy-name: Specifies a QoS policy by its name, a case-sensitive string of 1 to 31 characters.
inbound: Applies the QoS policy to incoming traffic.
outbound: Applies the QoS policy to outgoing traffic.
When you apply a QoS policy to an interface, follow these rules:
· The bandwidth assigned to AF and EF queues in the QoS policy must be smaller than the available bandwidth of the interface. Otherwise, the QoS policy cannot be successfully applied to the interface.
· If you modify the available bandwidth of the interface to be smaller than the bandwidth for AF and EF queues, the applied QoS policy is removed.
Examples
# Apply QoS policy USER1 to the incoming traffic of GigabitEthernet 1/2/5/1.
<Sysname> system-view
[Sysname] interface gigabitethernet 1/2/5/1
[Sysname-GigabitEthernet1/2/5/1] qos apply policy USER1 inbound
Use qos policy to create a QoS policy and enter its view, or enter the view of an existing QoS policy.
Use undo qos policy to delete a QoS policy.
Syntax
qos policy policy-name
undo qos policy policy-name
Default
No QoS policies exist.
Views
System view
Predefined user roles
network-admin
context-admin
Parameters
policy-name: Specifies a name for the QoS policy, a case-sensitive string of 1 to 31 characters.
Usage guidelines
To delete a QoS policy that has been applied to an object, you must first remove the QoS policy from the object.
Examples
# Create a QoS policy named user1.
<Sysname> system-view
[Sysname] qos policy user1
[Sysname-qospolicy-user1]
Related commands
classifier behavior
qos apply policy
Use reset qos policy advpn to clear the statistics for QoS policies applied to hub-spoke tunnels on a tunnel interface.
Syntax
reset qos policy advpn tunnel number [ ipv4-address | ipv6-address ] [ outbound ]
Views
User view
Predefined user roles
network-admin
context-admin
Parameters
number: Specifies a tunnel interface by its number. The tunnel interface number can be 0 or 1.
ipv4-address: Specifies the spoke's private IPv4 address of a hub-spoke tunnel.
ipv6-address: Specifies the spoke's private IPv6 address of a hub-spoke tunnel.
outbound: Specifies the QoS policies applied to the outbound direction.
Usage guidelines
If you do not specify a spoke's private IP address of a hub-spoke tunnel, this command clears the QoS policy statistics for all hub-spoke tunnels on a tunnel interface. For information about hub-spoke tunnels, see ADVPN in VPN Configuration Guide.
For configuration commands for tunnel interfaces, see tunnel commands in VPN Command Reference.
The device only supports clearing the statistics for QoS policies applied to the outbound direction of tunnel interfaces.
Examples
# Clear the statistics for the QoS policy applied to the outgoing traffic of the hub-spoke tunnel with spoke's IPv4 address 192.168.0.3 on tunnel interface 1.
<Sysname> reset qos policy advpn tunnel 1 192.168.0.3 outbound
Use qos flow-interval to set the QoS policy-based traffic rate statistics collection period for an interface.
Use undo qos flow-interval to restore the default.
Syntax
qos flow-interval interval
undo qos flow-interval
Default
The QoS policy-based traffic rate statistics collection period is 5 minutes on an interface.
Views
Interface view
Predefined user roles
network-admin
context-admin
Parameters
interval: Sets the QoS policy-based traffic rate statistics collection period in minutes. The value range for this argument is 1 to 10.
Usage guidelines
You can enable collection of per-class traffic statistics over a period of time, including the average forwarding rate and drop rate. For example, if you set the statistics collection period to 10 minutes, the system performs the following operations:
· Collects traffic statistics for the most recent 10 minutes.
· Refreshes the statistics every 10/5 minutes, 2 minutes.
The traffic rate statistics collection period of a subinterface is the same as the period configured on the main interface.
Examples
# Set the QoS policy-based traffic rate statistics collection period to 10 minutes on GigabitEthernet 1/2/5/1.
<Sysname> system-view
[Sysname] interface gigabitethernet 1/2/5/1
[Sysname-GigabitEthernet1/2/5/1] qos flow-interval 10
Related commands
display qos policy interface
Use display qos car interface to display the CAR configuration and statistics for interfaces.
Syntax
display qos car interface [ interface-type interface-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
context-admin
context-operator
Parameters
interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays the CAR configuration and statistics for all interfaces except VA interfaces. For information about VA interfaces, see PPPoE in Layer 2—WAN Access Configuration Guide.
Usage guidelines
If you specify a VT interface, this command displays the CAR configuration and statistics of each VA interface of the VT interface. It does not display QoS information about the VT interface.
Examples
# Display the CAR configuration and statistics for GigabitEthernet 1/2/5/1.
<Sysname> display qos car interface gigabitethernet 1/2/5/1
Interface: GigabitEthernet1/2/5/1
Direction: inbound
Rule: If-match any
CIR 128 (kbps), CBS 5120 (Bytes), PIR 128 (kbps), EBS 512 (Bytes)
Green action : pass
Yellow action : pass
Red action : discard
Green packets : 0 (Packets), 0 (Bytes)
Yellow packets: 0 (Packets), 0 (Bytes)
Red packets : 0 (Packets), 0 (Bytes)
# Display the CAR information on GigabitEthernet 1/2/5/2.
<Sysname> display qos car interface gigabitethernet 1/2/5/2
Interface: GigabitEthernet1/2/5/2
Direction: inbound
Rule: If-match any
CIR 50 (%), CBS 600 (ms), EBS 0 (ms), PIR 50 (%)
Green action : pass
Yellow action : pass
Red action : discard
Green packets : 0 (Packets), 0 (Bytes)
Yellow packets: 0 (Packets), 0 (Bytes)
Red packets : 0 (Packets), 0 (Bytes)
Table 8 Command output
|
Field |
Description |
|
Interface |
Interface name, including interface type and interface number. |
|
Direction |
Direction in which traffic policing is applied. |
|
Rule |
Match criteria. |
|
CIR |
CIR in kbps (if the CIR is specified in absolute value) or in percentage (if the CIR is specified in percentage). |
|
CBS |
CBS in bytes (if the CBS is specified in absolute value) or in ms (if the CBS is specified in milliseconds). When the CBS is specified in milliseconds, the actual CBS value is cbs-time × the actual CIR value. |
|
EBS |
EBS in bytes (if the EBS is specified in absolute value) or in ms (if the EBS is specified in milliseconds). When the EBS is specified in milliseconds, the actual EBS value is ebs-time × the actual CIR value. |
|
PIR |
PIR in kbps (if the PIR is specified in absolute value) or in percentage (if the PIR is specified in percentage). |
|
Green action |
Action to take on green packets. |
|
Yellow action |
Action to take on yellow packets. |
|
Red action |
Action to take on red packets. |
Use display qos carl to display CAR lists.
Syntax
display qos carl [ carl-index ] [ chassis chassis-number slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
context-admin
context-operator
Parameters
carl-index: Specifies a CAR list by its number in the range of 1 to 199. If you do not specify a CAR list, this command displays all CAR lists.
chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the card. If you do not specify this option, the command displays the CAR lists for the global active MPU.
Examples
# Display all CAR lists.
<Sysname> display qos carl
List Rules
1 destination-ip-address range 1.1.1.1 to 1.1.1.2 per-address shared-bandwidth
2 destination-ip-address subnet 1.1.1.1 22 per-address shared-bandwidth
4 dscp 1 2 3 4 5 6 7 cs1
5 mac 0000-0000-0000
6 mpls-exp 0 1 2
9 precedence 0 1 2 3 4 5 6 7
10 source-ip-address range 1.1.1.1 to 1.1.1.2
11 source-ip-address subnet 1.1.1.1 31
Use qos car to configure a CAR policy on an interface.
Use undo qos car to delete a CAR policy from an interface.
Syntax
qos car { inbound | outbound } { any | acl [ ipv6 ] acl-number | carl carl-index } cir committed-information-rate [ cbs committed-burst-size [ ebs excess-burst-size ] ] [ green action | red action | yellow action ] *
qos car { inbound | outbound } { any | acl [ ipv6 ] acl-number | carl carl-index } cir committed-information-rate [ cbs committed-burst-size ] pir peak-information-rate [ ebs excess-burst-size ] [ green action | red action | yellow action ] *
undo qos car { inbound | outbound } { any | acl [ ipv6 ] acl-number | carl carl-index }
Default
No CAR policy is configured.
Views
Interface view
Predefined user roles
network-admin
context-admin
Parameters
inbound: Performs CAR for incoming packets on the interface.
outbound: Performs CAR for outgoing packets on the interface.
any: Performs CAR for all IP packets in the specified direction.
acl [ ipv6 ] acl-number: Performs CAR for packets matching an ACL specified by its number. The value range for the acl-number argument is 2000 to 2999 for basic ACLs and 3000 to 3999 for advanced ACLs. If you do not specify ipv6, this option specifies an IPv4 ACL. If you specify ipv6, this option specifies an IPv6 ACL.
carl carl-index: Performs CAR for packets matching a CAR list specified by its number in the range of 1 to 199.
cir committed-information-rate: Specifies the CIR in kbps. The value range for committed-information-rate is 8 to 10000000.
cbs committed-burst-size: Specifies the CBS in bytes, which is the size of bursty traffic when the actual average rate is not greater than the CIR. The value range for committed-burst-size is 1875 to 19375000. The default CBS is the product of 62.5 and the CIR.
ebs excess-burst-size: Specifies the EBS in bytes. The value range for excess-burst-size is 0 to 19375000. If the PIR is configured, the default EBS is the product of 62.5 and the PIR.
pir peak-information-rate: Specifies the PIR in kbps. The value range for peak-information-rate is 8 to 10000000.
green: Specifies the action to take on packets when the traffic rate conforms to the CIR. The default is pass.
red: Specifies the action to take on packets when the traffic rate conforms to neither CIR nor PIR. The default is discard.
yellow: Specifies the action to take on packets when the traffic rate exceeds the CIR but conforms to the PIR. The default is pass.
action: Specifies the action to take on packets:
· continue: Continues to process the packet by using the next CAR policy.
· discard: Drops the packet.
· pass: Permits the packet to pass through.
· remark-dot1p-continue new-cos: Sets the 802.1p priority value of the 802.1p packet to new-cos and continues to process the packet by using the next CAR policy. The new-cos argument is in the range of 0 to 7.
· remark-dot1p-pass new-cos: Sets the 802.1p priority value of the 802.1p packet to new-cos and permits the packet to pass through. The new-cos argument is in the range of 0 to 7.
· remark-dscp-continue new-dscp: Remarks the packet with a new DSCP value and continues to process the packet by using the next CAR policy. The new-dscp argument is in the range of 0 to 63. Alternatively, you can specify the new-dscp argument with af11, af12, af13, af21, af22, af23, af31, af32, af33, af41, af42, af43, cs1, cs2, cs3, cs4, cs5, cs6, cs7, default, or ef.
· remark-dscp-pass new-dscp: Remarks the packet with a new DSCP value and permits the packet to pass through. The new-dscp argument is in the range of 0 to 63. Alternatively, you can specify the new-dscp argument with af11, af12, af13, af21, af22, af23, af31, af32, af33, af41, af42, af43, cs1, cs2, cs3, cs4, cs5, cs6, cs7, default, or ef.
· remark-prec-continue new-precedence: Remarks the packet with a new IP precedence and continues to process the packet by using the next CAR policy. The new-precedence argument is in the range of 0 to 7.
· remark-prec-pass new-precedence: Remarks the packet with a new IP precedence and permits the packet to pass through. The new-precedence argument is in the range of 0 to 7.
Usage guidelines
To use two rates for traffic policing, configure the qos car command with the pir peak-information-rate option. To use one rate for traffic policing, configure the qos car command without the pir peak-information-rate option.
You can configure multiple qos car commands on an interface to define multiple CAR policies. These CAR policies are executed in their configuration order.
Examples
# Perform CAR for all packets in the outbound direction of GigabitEthernet 1/2/5/1. The CAR parameters are as follows:
· CIR is 200 kbps.
· CBS is 5120 bytes.
· EBS is 0.
· Conforming packets are transmitted.
· Excess packets are set with an IP precedence of 0 and transmitted.
<Sysname> system-view
[Sysname] interface gigabitethernet 1/2/5/1
[Sysname-GigabitEthernet1/2/5/1] qos car outbound any cir 200 cbs 5000 ebs 0 green pass red remark-prec-pass 0
Related commands
display qos car interface
qos carl
Use qos carl to create or modify a CAR list.
Use undo qos carl to delete a CAR list.
Syntax
qos carl carl-index { dscp dscp-list | mac mac-address | mpls-exp mpls-exp-value | precedence precedence-value | { destination-ip-address | source-ip-address } { range start-ip-address to end-ip-address | subnet ip-address mask-length } [ per-address [ shared-bandwidth ] ] }
undo qos carl carl-index
Default
No CAR list is configured.
Views
System view
Predefined user roles
network-admin
context-admin
Parameters
carl-index: Specifies a CAR list by its number in the range of 1 to 199.
dscp dscp-list: Specifies a list of DSCP values. A DSCP value can be a number from 0 to 63 or any of the following keywords af11, af12, af13, af21, af22, af23, af31, af32, af33, af41, af42, af43, cs1, cs2, cs3, cs4, cs5, cs6, cs7, default, or ef. You can configure up to eight DSCP values in one command line. If the same DSCP value is specified multiple times, the system considers the values to be one value. If a packet matches one of the defined DSCP values, it matches the if-match clause.
mac mac-address: Specifies a MAC address in hexadecimal format.
mpls-exp mpls-exp-value: Specifies an MPLS EXP value in the range of 0 to 7. You can configure up to eight MPLS EXP values in one command line. If the same MPLS EXP value is specified multiple times, the system considers the values to be one value. If a packet matches one of the defined MPLS EXP values, it matches the if-match clause.
precedence precedence: Specifies a precedence value in the range of 0 to 7. You can configure up to eight IP precedence values in one command line. If the same IP precedence value is specified multiple times, the system considers the values to be one value. If a packet matches one of the defined IP precedence values, it matches the if-match clause.
destination-ip-address: Configures a destination IP address-based CAR list.
source-ip-address: Configures a source IP address-based CAR list.
range start-ip-address to end-ip-address: Specifies an IP address range by the start address and end address. The value for end-ip-address must be greater than the value for start-ip-address.
subnet ip-address mask-length: Specifies a subnet by the IP subnet address and IP subnet address mask length.
per-address: Performs per-IP address rate limiting within the network segment. When this keyword is specified, the CIR is dedicated bandwidth for each IP address and is not shared by any other IP address. If you do not specify this keyword, the following events occur:
· Rate limiting is performed for the entire network segment.
· All of the CIR is allocated among all IP addresses in proportion to the traffic load of each IP address.
shared-bandwidth: Specifies that traffic of all IP addresses within the network segment shares the remaining bandwidth (the CIR). If you specify this keyword, all of the CIR is allocated evenly among all IP addresses with traffic load.
Usage guidelines
You can create a CAR list based on IP precedence, MAC address, MPLS EXP, DSCP, or IP network segment.
If you execute this command multiple times for the same CAR list, the most recent configuration takes effect. If you execute this command multiple times for different CAR lists, multiple CAR lists are created.
To perform rate limiting for a single IP address, use the qos car acl command in interface view.
Examples
# Apply CAR list 1 to the outbound direction of GigabitEthernet 1/2/5/1 to meet the following requirements:
· The rate of each host on the subnet 1.1.1.0/24 is limited to 512 kbps.
· Traffic of IP addresses in the subnet does not share the remaining bandwidth.
<Sysname> system-view
[Sysname] qos carl 1 source-ip-address subnet 1.1.1.0 24 per-address
[Sysname] interface gigabitethernet 1/2/5/1
[Sysname-GigabitEthernet1/2/5/1] qos car outbound carl 1 cir 512 cbs 5120 ebs 0 green pass red discard
# Apply CAR list 2 to the outbound direction of GigabitEthernet 1/2/5/1 to meet the following requirements:
· The rate of each host in the IP address range of 1.1.2.100 to 1.1.2.199 is limited to 5 Mbps.
· Traffic of IP addresses in the subnet shares the remaining bandwidth.
<Sysname> system-view
[Sysname] qos carl 2 source-ip-address range 1.1.2.100 to 1.1.2.199 per-address shared-bandwidth
[Sysname] interface gigabitethernet 1/2/5/1
[Sysname-GigabitEthernet1/2/5/1] qos car outbound carl 2 cir 5120 cbs 51200 ebs 51200 green pass red discard
# Apply CAR list 3 to the outbound direction of GigabitEthernet 1/2/5/2 to meet the following requirements:
· The rate of each host in object group work-group is limited to 256 kbps during time range work-time.
· Traffic of IP addresses in the object group does not share the remaining bandwidth.
<Sysname> system-view
[Sysname] qos carl 3 source-ip-address object-group work-group per-address time-range work-time
[Sysname] interface gigabitethernet 1/2/5/2
[Sysname-GigabitEthernet1/2/5/2] qos car outbound carl 3 cir 256 cbs 6250 ebs 0 green pass red discard
Related commands
display qos carl
qos car
